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Rise of the cyber threat 



2012 



MME 



o & y- 



& 












1 



s. 1 °- 













1% 

II 

1. 



3 



is 



o 
% z 



TO 03 

p 

S % 



03 > 

% °- 

Q- o 
C 
O 



%• 



•ttl 



Enterprises and Governments are experiencing 

the most AGGRESSIVE THREAT 
ENVIRONMENT in the history of information. 
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Security awareness at board level 

Organizational and security leadership is under immense pressure 




CISO 



EXTENDED 
SUPPLY CHAIN 



CYBER THREAT 



INCREASING 
COST PRESSURES 



44 /O OF DATA BREACH 
INVOLVED 3RD PARTY 
MISTAKES 

56 /o ORGANIZATIONS 
HAVE 

BEEN THE TARGET OF NATION- 
STATE CYBER ATTACK 
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O OF TOTAL IT 

BUDGET 

SPENT ON SECURITY 



Chief Information Security Officer sits at heart of the enterprise security response 
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Enterprise security priorities 



• Manage INFORMATION RISK in the era 

of mobile, cloud, social media 

• Protect against increasingly sophisticated 
CYBER THREATS 

• Improve REACTION TIME to security 
incidents 

• Reduce costs and SPEND WISELY 

• Achieve COMPLIANCE in a predictable 
and cost-effective way 
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2011 Top Cyber Security Risks Report 



HP DVLabs biannual report (published since 2009) helps 
enterprise organizations prioritize security resources 
Uses data from the following sources: 

Vulnerability information from the Open Source Vulnerability Database 

(OSVDB) and the HP DVLabs Zero Day Initiative (ZDI) 

Web application data from the HP Fortify Web Security Research Group and 

Fortify on Demand 

Attack information from a worldwide network of HP TippingPoint Intrusion 

Prevention Systems and a network of honeypots 

Exploit analysis from HP DVLabs 

Available at 
http://www.hpenterprisesecurity.com/cybersecurityrisks l 
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Key Findings 



Regardless of platform (mobile, virtual, etc.), applications 
are primary target for attack - particularly web applications. 

Vulnerabilities declining in commercial applications but 
increasing in custom applications. 

Attacks on applications - particularly Web applications - 
are increasing at an alarming rate. 

New techniques are allowing attackers to use old 
vulnerabilities to successfully launch new attacks 



Sony ffySfaftm 
NetworkBom 

77mifiiojiooajunkaf 







© Copyright 2012 Hewlett-Packard Development Company, L.P. 
The information contained herein is subject to change without notice. 




Application Security Monitoring is 



Expensive application re-write required to audit applications (e.g. login 
sessions, file access, registry updates) 

Longer to develop connectors to forward logs to a central SIEM for 
security analytics and compliance 

Residual vulnerabilities in applications go undetected and easily 
exploited ( OWASPTop 10 : SQL injection, XSS, etc.) 

WAF provides limited application monitoring, more overhead, and cannot 
detect malware in encrypted traffic (SSL) 




SIEM 
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Best Practices for Application Security 

Why are they NOT working? 

• Adopt secure software development life cycle (SDLC) 

- Slow Adoption: It takes years to train developers/testers to build in security 

- 3 rd Party Code: Cannot impose SDLC practices on 3 rd parties and SAAS providers 

• Detect application vulnerabilities during staging before production 

-Developers accustomed to logging functional use-cases not abuse-cases 

-Businesses under pressure to on-board web-applications before running penetration tests 

• Detect and Protect against application threats during operations 

-Cannot detect and protect against application attacks without runtime context 
-Need session and activity logs to detect abnormal user activity in applications 



-Need SIEM to correlate across multiple event sources to identify business risk 
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HP Enterprise Security 






Market leading products One Team 


, One Vision 




and services 

• Security Information and Event 
Management 


DV 

lippingPotnt 




• Log Management * m^ 


ATAiA 




• Application Security 9 if [h 

• Network Security ^WMr 

• Data Protection 
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ViSTORM 




• Threat Research 


(FORTIFY 




• Security Services 
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HP Security Intelligence Platform 
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in applications 
and operations to understand risk 




build defenses against the exploitation of 
vulnerabilities 



across people, process, and 
:echnology to improve over time 
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Increased Situational Awareness 

Provide Context 



Traditional Security Monitoring 



Hybrid Security Monitoring 





13 © Copyright 2012 Hewlett-Packard Development Company, LP. 

The information contained herein is subject to change without notice. 



m 



Security Intelligence and Risk Management Solutions 

HP ESP Professional Services 
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HP Enterprise Security Services 



Security Governance 

Robust security services to align business drivers 

with legal and regulatory requirements 

Industry experience across enterprise and government 

Integrated measurement and reporting through 

HP Secure Boardroom 



Security Consulting 

Dedicated, deep domain expertise across industry 

solutions and verticals 

SIEM solution consulting specialism 

Global industry accreditation qualifications 

Client Security Officer services 
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Managed Security Services 

Comprehensive security services portfolio 

Dedicated 24*7*365 expert support 

ISO20071 Certified platform 

Over 40 years experience across industry leading solutions 

Full and flexible service offerinqs (SaaS, ECS) 



Security Technology Service^fc 

HP Enterprise Security Products 

Deep experience across leading IT security vendors 

McAfee, Symantec and Checkpoint 

Breadth of security solution consulting services 







HP Application Security 
Solutions 
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HP ArcSight SIEM Solution 

A comprehensive platform for monitoring modern threats and risks, augmented 
by services expertise and the most advanced security user community, Protect724 
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Establish complete visibility 

Analyze events in real time to deliver insight 

Respond quickly to prevent loss 

Measure security effectiveness across 
people, process and technology 
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HP Fortify Application Security Solutions 

Identifies and eliminates risk in existing applications and prevents the introduction 
of risk during application development, in-house or from vendors. 



Protects business critical applications from advanced 
cyber attacks by removing security vulnerabilities from 
software 

Accelerates time-to-value for achieving secure 
applications 

Increases development productivity by enabling 
security to be built into software, rather than added on 
after it is deployed 




Delivers risk intelligence from application 
development to improve operational security 
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HP Application Security Solutions 



Secure Software Development Solutions 



Monitoring Solutions for IT Operations 



HP Fortify 
Real Time Analyzer 



HP ArcSight 
App. Security Monitor 



Secure Software Development 
1 



HP Fortify 
Static Code Analyzer 
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HP ArcSight AppSM Dashboard 
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HP ArcSight Application Security Monitor (AppSM) 
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AppSM Runtime: Fortify Runtime and AppSM rule-pack pre-configured to: 

• Log application session activity (logins, file access, registry update etc.) 

• Detect application level attacks (beyond OWASP Top 1 0) 

• Forward event logs to ArcSight ESM over Syslog 

AppSM Content: ArcSight ESM Correlation Rules, Dashboards and Reports 
for viewing standard threats in applications 
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HP ArcSight 
ESM 
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HP Fortify Run Time Analyzer (RTA) 

Adds Application Threat Protection and Centralized Management 




ArcSight AppSM: 

• Rule-pack: DETECTS session activity and application security threat events. 

Fortify RTA: 

• Rule-pack: DETECTS and BLOCKS application security threats identified in rule-pack. 

• Security Center: To centrally manage all rule-packs on all application servers. 
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Summary 



Adopt secure software development life cycle (SDLC) 

- Train software developers/testers to build in security during SDLC 

- Use tools to identify security risks early during software development 

Detect application vulnerabilities during staging before production 

-Run penetration testing tools that detect residual vulnerabilities in applications 



Detect and Protect against application threats during operations 

-Use tools that allow you to rapidly detect and protect application level threats without 
modifying applications 

-Address critical application level threats by correlating application events with events 
reported by other enterprise sources using SI EM 
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Find out more 



HP Enterprise Security Products 1 HP Enterprise Security Services 1 After the event 



Gab Gennai 

+61 411 606 050 

Gabriel.qennai@hp.com 

Shlomi Shaki 
+61 407 225 944 
Shlomi Shaki@hp.com 

Stephen MacDonald 

+61 423 776 606 

Stephen.macdonald@hp.com 



Rob Hueston 

+61 407 163 088 

Rob.hueston@hp.com 

Jeremy Roach 

+61 423 781 190 

Jeremy.roach@hp.com 

Andrew Latham 
+61 406 537 576 
alatham@hp.com 



Contact your sales rep 

Visit us at: 
http://www.hpenterprisesecurity.com 
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Thank You 
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